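def service_get(request):
    """Sign a copyeditor in from the access key carried in the URL.

    The ``accessKey`` route segment is looked up in the ``copyeditors``
    table. When exactly one row matches, the caller is signed in under the
    shared copyeditor account and redirected to ``/dashboard``. In every
    other case (no match, several matches, or any error during the lookup)
    the ``noAccess.mako`` page is rendered.

    Args:
        request: The current Pyramid request; ``request.matchdict`` must
            contain ``accessKey``.

    Returns:
        ``HTTPFound`` to ``/dashboard`` carrying the auth headers on
        success, otherwise the rendered ``noAccess.mako`` template.
    """
    import logging

    log = logging.getLogger(__name__)

    # Every copyeditor is signed in under this one hard-coded account; only
    # the access key and editor id appended to the identity tell them apart.
    shared_account = '*****@*****.**'

    user = None
    # NOTE(review): the key is a bearer credential that travels in the URL
    # path, so it can end up in access logs, browser history and Referer
    # headers. It is deliberately kept out of the application log below.
    accessKey = request.matchdict['accessKey']

    if pyramid.security.authenticated_userid(request) is not None:
        # NOTE(review): the "forget" headers are never attached to a
        # response. On success the remember() headers below are sent
        # instead; on failure the previous identity stays signed in.
        pyramid.security.forget(request)

    cur = None
    try:
        conn = conference_abstract.util.get_connection()
        cur = conn.cursor(cursor_factory=psycopg2.extras.RealDictCursor)
        # Bound parameter: the key is never interpolated into the SQL text.
        cur.execute("""select * from copyeditors where accesskey = %s""",
                    (accessKey, ))
        if cur.rowcount == 1:
            user = User(shared_account)
            user.get_userObj()
            userObj = user.get_editorObj(accessKey)
            headers = pyramid.security.remember(
                request,
                shared_account + "|" + str(accessKey) + "|" +
                str(userObj["editorId"]))
            # NOTE(review): the pre-login session is reused as is. Consider
            # calling request.session.invalidate() before populating it so
            # a session id issued before login is not carried over.
            session = request.session
            session['fullname'] = userObj["fullname"]
            session['userId'] = userObj["userId"]
            return HTTPFound(location="/dashboard", headers=headers)
        # Record the outcome without the rendered query: the rendered SQL
        # would contain the access key.
        log.warning("copyeditor access-key lookup matched %d row(s)",
                    cur.rowcount)
    except Exception:
        # Best effort by design: any failure falls through to the
        # no-access page, but the traceback is kept for operators.
        log.exception("copyeditor access-key login failed")
    finally:
        # Only the cursor is released here; who owns the connection
        # returned by get_connection() is not visible from this function.
        if cur is not None:
            cur.close()

    return conference_abstract.util.generate_template('noAccess.mako', {
        "user": user,
        "request": request,
        "pageTitle": "Login"
    })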
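def check_user(request):
    """Resolve the authenticated user for *request* and sync session data.

    The authenticated userid is expected to look like
    ``"<username>|<token>[|...]"``. The token part is validated with
    ``User.is_token_valid``. For a valid identity, ``fullname`` and
    ``userId`` are copied from the session onto the user when the session
    already holds them; otherwise they are loaded with ``get_userObj`` and
    stored in the session.

    Args:
        request: The current Pyramid request.

    Returns:
        ``None`` when nobody is authenticated, ``False`` when the identity
        is malformed or the token check returns ``False``, otherwise the
        ``User`` object. Callers have to test for both ``None`` and
        ``False``: an ``is not None`` test alone accepts the ``False``
        result.
    """
    login = pyramid.security.authenticated_userid(request)
    if login is None:
        return None

    parts = login.split("|")
    if len(parts) < 2:
        # Without a token part the identity cannot be validated; treat it
        # as an invalid session instead of failing with IndexError.
        return False
    username, token = parts[0], parts[1]

    user = User(username)
    isValid = user.is_token_valid(token)
    # NOTE(review): only a value equal to False is rejected here, so a None
    # return would be treated as valid. Confirm is_token_valid's contract
    # and tighten this to a plain truthiness test if it allows.
    if isValid == False:
        return False

    # The session contents and the validation result are intentionally not
    # printed: they would land in the server's stdout.
    session = request.session
    if 'fullname' in session:
        # NOTE(review): the cached values are trusted without checking that
        # they were stored for this username - verify against the login
        # handlers that populate the session.
        user.fullname = session["fullname"]
        user.userId = session["userId"]
        user.check_userLevel()
    else:
        userObj = user.get_userObj()
        session['fullname'] = userObj["fullname"]
        session['userId'] = userObj["userId"]
    return user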
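def service_post(request):
    """Handle the chair login form.

    When the form was submitted, the credentials are checked with
    ``User.check_password``. A user whose id matches exactly one row in
    ``chairs`` is signed in (identity ``"<login>|<accessKey>|<chairId>"``)
    and redirected to ``/dashboard``. A user with valid credentials but no
    single chair row gets ``noAccess.mako``; every other outcome re-renders
    ``login.mako`` with the failure message.

    Args:
        request: The current Pyramid request.

    Returns:
        ``HTTPFound`` to ``/dashboard`` on success, otherwise a rendered
        ``login.mako`` or ``noAccess.mako`` template.
    """
    import logging

    log = logging.getLogger(__name__)

    login = pyramid.security.authenticated_userid(request)
    did_fail = False
    user = None
    noAccess = False
    templateVars = {
        # Shown after a failed login attempt.
        'message': 'Your email or password is incorrect.<br/> Please try again',
        'breadCrumbs': [{"url": "/", "text": "Home"},
                        {"url": "", "text": "Chair Login"}],
        'pageTitle': 'Chair Login',
        "request": request
    }

    if 'submit' in request.POST:
        login = request.POST.get('login', '')
        passwd = request.POST.get('passwd', '')
        # The submitted password is deliberately neither printed nor logged.
        user = User(login, None)
        loginCheck = user.check_password(passwd)
        # NOTE(review): only a value equal to False counts as a failed
        # check, so a None return would be accepted. Confirm
        # check_password's contract and tighten to a truthiness test if it
        # allows.
        if user and loginCheck != False:
            userObj = user.get_userObj()
            # Return value unused: on success the remember() headers below
            # are sent instead.
            pyramid.security.forget(request)
            conn = conference_abstract.util.get_connection()
            cur = conn.cursor(cursor_factory=psycopg2.extras.RealDictCursor)
            try:
                cur.execute("""select * from chairs where fk_cusers = %s""",
                            [userObj["userId"]])
                if cur.rowcount == 1:
                    accessKey = cur.fetchone()["accesskey"]
                    user.get_userObj()
                    userObj = user.get_chairObj(accessKey)
                    # The identity embeds the chair's access key, so it is
                    # kept out of stdout and the log.
                    headers = pyramid.security.remember(
                        request,
                        login + "|" + str(accessKey) + "|" +
                        str(userObj["chairId"]))
                    # NOTE(review): the pre-login session is reused as is.
                    # Consider request.session.invalidate() before
                    # populating it so a session id issued before login is
                    # not carried over.
                    session = request.session
                    session['fullname'] = userObj["fullname"]
                    session['userId'] = userObj["userId"]
                    return HTTPFound(location="/dashboard", headers=headers)
                noAccess = True
                log.warning("chair lookup matched %d row(s)", cur.rowcount)
            except Exception:
                # Best effort by design: the caller sees the generic
                # failure page, the traceback goes to the log.
                log.exception("chair login failed after the password check")
            finally:
                # Only the cursor is released; who owns the connection
                # returned by get_connection() is not visible here.
                cur.close()
        did_fail = True
        user = None

    templateVars['failed_attempt'] = did_fail
    # NOTE(review): ``login`` is user-supplied when the form was submitted;
    # make sure login.mako escapes it (for example ``${login | h}``).
    templateVars['login'] = login
    if not noAccess:
        return conference_abstract.util.generate_template(
            'login.mako', templateVars)
    return conference_abstract.util.generate_template(
        'noAccess.mako',
        {"user": user, "request": request, "pageTitle": "Chair Login"})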
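def service_post(request):
    """Handle the reviewer / coordinator login form.

    When the form was submitted, the credentials are checked with
    ``User.check_password``. A user that has a user level, or whose id is
    listed by ``getValidLogins()``, is signed in (identity
    ``"<login>|<check_password result>"``) and redirected to
    ``/dashboard``. A user with valid credentials but neither of those gets
    the "No Access" message page. Every other outcome re-renders
    ``login.mako`` with the failure message.

    Args:
        request: The current Pyramid request.

    Returns:
        ``HTTPFound`` to ``/dashboard`` on success, otherwise a rendered
        ``abstractThankYouMessage.mako`` or ``login.mako`` template.
    """
    user = None
    did_fail = False
    # Defined up front so the template variables below can be filled in
    # even when the POST carries no 'submit' field.
    login = ''
    templateVars = {
        # Shown after a failed login attempt.
        'message': 'Your email or password is incorrect.<br/> Please try again',
        'breadCrumbs': [{"url": "/", "text": "Home"},
                        {"url": "", "text": "Login"}],
        'pageTitle': 'Login',
        "request": request
    }

    if 'submit' in request.POST:
        login = request.POST.get('login', '')
        passwd = request.POST.get('passwd', '')
        # The submitted password is deliberately neither printed nor logged.
        user = User(login, None)
        loginCheck = user.check_password(passwd)
        # NOTE(review): only a value equal to False counts as a failed
        # check, so a None return would be accepted and stored as the
        # token "None" below. Confirm check_password's contract and tighten
        # to a truthiness test if it allows.
        if user and loginCheck != False:
            userObj = user.get_userObj()
            user.check_userLevel()
            # Only reviewers and admins may sign in: a user without a level
            # must at least be listed by getValidLogins().
            has_level = user.get_userLevel() is not None
            if not has_level and userObj["userId"] not in getValidLogins():
                return conference_abstract.util.generate_template(
                    'abstractThankYouMessage.mako', {
                        "user": user,
                        "title": "No Access",
                        "message": "Sorry, access is now restricted to reviewers and conference coordinators",
                        "showButton": "loginPoster"
                    })

            # Create the session and set the auth cookie. The second part
            # of the identity is whatever check_password returned -
            # presumably the session token later checked by check_user.
            headers = pyramid.security.remember(
                request, login + "|" + str(loginCheck))
            # NOTE(review): the pre-login session is reused as is. Consider
            # request.session.invalidate() before populating it so a
            # session id issued before login is not carried over.
            session = request.session
            session['fullname'] = userObj["fullname"]
            session['userId'] = userObj["userId"]
            return HTTPFound(location="/dashboard", headers=headers)
        did_fail = True
        user = None

    templateVars['failed_attempt'] = did_fail
    # NOTE(review): ``login`` is user-supplied; make sure login.mako
    # escapes it (for example ``${login | h}``).
    templateVars['login'] = login
    return conference_abstract.util.generate_template('login.mako',
                                                      templateVars)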